Andreas Krüger
818aa7aeb1
Set dnsPolicy to ClusterFirstWithHostNet when hostNetwork is true ( #4843 )
2019-06-05 03:17:55 -07:00
Vladimir Kiselev
045acc724b
fix relative paths for bastion host template ( #4126 )
...
This is a fix for #4124
2019-06-05 01:51:55 -07:00
Dani Comnea
d540560619
Preinstall fails on checking etcd group length ( #4839 )
2019-06-05 01:37:53 -07:00
Andreas Krüger
797bfd85b0
Only create kubeadm compat cert dir link if it does not exist ( #4840 )
2019-06-05 01:27:53 -07:00
Sergey Nuzhdin
07cb8ebef7
Add support for arm images for hyperkube, kubeadm and cni_binary ( #4261 )
...
* Add support for arm images for hyperkube, kubeadm and cni_binary
* Add dummy etcd checksum for arm
This commit adds dummy etcd checksum for arm to avoid "no attribute" error
during setup.
* Add etcd host assert check
* Add 1.13.4 checksums of kubeadm and hyperkube for arm
* Update checksums of kubeadm and hyperkube for arm
* Add dummy checksums for calicoctl_binary_checksums dict
* disable gather_facts because it causes tests to fail
* Remove architecture check for etcd, due to unable to run tests
2019-06-05 00:05:55 -07:00
Toni Pokki
54416cabfd
prefer_udp for upstream dns servers ( #4810 )
2019-06-04 23:27:55 -07:00
Matthew Mosesohn
3617ae31f6
Optionally skip predownload of kubeadm images ( #4832 )
2019-06-04 04:35:02 -07:00
Maxime Guyot
4f05d801c3
Use short cluster_name for TF CI ( #4835 )
2019-06-04 04:25:00 -07:00
Maxime Guyot
956afcb33f
Move tf-ovh to part2 ( #4834 )
2019-06-04 01:39:07 -07:00
Matthew Mosesohn
6347419233
Avoid duplicating nameservers ( #4833 )
2019-06-04 00:13:02 -07:00
Rodrigo Bermúdez Schettino
0c7a50fe1e
README: Make usage section clearer ( #4034 )
...
Long option --become was used in the example but in the comment describing it the short option -b was used.
Use same option in description and example to avoid confusion.
2019-05-31 12:48:28 -07:00
Andreas Krüger
7423932510
Add ready plugin for CoreDNS ( #4817 )
2019-05-28 06:47:56 -07:00
Andreas Krüger
b41530ba5d
Add missing extraArgs to kubeadm-config ( #4814 )
2019-05-28 03:57:52 -07:00
Maxime Guyot
29e916508c
Update roadmap ( #4811 )
2019-05-28 02:05:54 -07:00
Maxime Guyot
b45f3f0004
Add tf-ovh_coreos CI job ( #4763 )
2019-05-28 01:51:53 -07:00
Dani Comnea
2a5721b4d4
Change CentOS CRI-O repo from developer repo to public one ( #4807 )
2019-05-27 05:33:51 -07:00
Maxime Guyot
e30a703c8e
Add Kubernetes conformance tests ( #4614 )
2019-05-27 05:31:52 -07:00
Vitaliy Dmitriev
333f1a4a40
kubeadm join path fixed for RH linux ( #4798 )
2019-05-27 01:49:51 -07:00
Geert-Johan Riemer
84b278021a
Update openstack.yml ( #4795 )
...
Fix comment style
2019-05-25 05:19:27 -07:00
Andreas Krüger
1e470b0473
Fix certificate-key param for kubeadm init ( #4789 )
...
* Fix certificate-key param for kubeadm init
* Fix yamllint error
2019-05-22 02:06:11 -07:00
André R. de Miranda
0ef3a7914c
Added pod psp in Rancher Local Path Provisioner ( #4385 )
...
* Added pod psp in Rancher Local Path Provisioner
Added pod security policy (psp) in Rancher Local Path Provisioner.
Signed-off-by: André R. de Miranda <andre@miranda.work>
* Apply psp for Rancher Local Path Provisioner only when local_path_provisioner_namespace is not kube-system and also reorganized the templates
2019-05-22 00:16:08 -07:00
bobahspb
a3fff1e438
cordon all deleted nodes before drain ( #4756 )
...
Kubespray waits exit of every drain before run other one.
Running drain every after each other seems better than parallel, because we should check resources availability every time.
But, this way, we have one additional problem: possible restart pods on the nodes that are killed little bit later.
Fast cordon before heavy drain seems like an easy solution.
2019-05-21 23:36:05 -07:00
André R. de Miranda
4bc204925a
Error in nginx when starting registry-proxy ( #4785 )
...
Error starting nginx because in requiredDropCapabilities is dropped all capabilities.
The nginx requires the following capabilities:
- CHOWN
- SETGID
- SETUID
Signed-off-by: André R. de Miranda <andre@miranda.work>
2019-05-20 11:27:15 -07:00
Jacopo Secchiero
5d9946184a
Add ignore_assert_errors to "kube-master, ... ( #4779 )
...
... kube-node or etcd is empty" task
As a assert must be ignored if ignore_assert_errors is true
2019-05-20 11:25:14 -07:00
MarkusTeufelberger
5ba169a612
Ignore 2 ansible-lint rules (E204, E701) on purpose. ( #4744 )
2019-05-20 11:23:14 -07:00
marcstreeter
872b37f751
updated pinning to prevent breaking changes ( #4783 )
...
* updated ansible pinning to prevent more possibilities of breaking changes
* more exact pinning of ansible version
* more exact pinning of ansible version and also all the rest
* added testing requirements.txt pinning settings
* removed boto from testing requirements.txt
2019-05-20 11:21:14 -07:00
Mateus Caruccio
8485136f9a
var node_labels as string ( #4764 )
2019-05-19 12:31:10 -07:00
Maxime Guyot
ff1bc739f1
Change default for kubelet_flexvolumes_plugins_dir ( #4752 )
2019-05-19 12:29:10 -07:00
MarioUhrik
594a0e7f1b
Fix invalid YAML formatting within addons.yml ( #4753 )
2019-05-16 02:05:49 -07:00
Florent Monbillard
8e28ba38d2
Add Load Balancer IP to API servers SANs ( #4775 )
...
- Add loadbalancer_apiserver.address to apiserver_sans
2019-05-16 01:23:42 -07:00
MarkusTeufelberger
73c2ff17dd
Fix Ansible-lint error [E502] ( #4743 )
2019-05-16 00:27:43 -07:00
Timoses
13f225e6ae
Only pull images for destined host groups ( #4735 )
...
Without this, pulls are considered for all
hosts groups, even if not targetted by the downloads
`groups` list. Hence, a download/sync is triggered
even though the host does not require the image.
2019-05-16 00:25:48 -07:00
Maxime Guyot
3f62492a15
Use standard testcases job for TF CI ( #4732 )
2019-05-14 02:01:14 -07:00
Maxime Guyot
5e3bd2dff1
Use common playbook to wait for SSH ( #4734 )
2019-05-10 01:25:59 -07:00
Robert Neumann
787a9c74fa
Terraform wait for floating IP instance has been associated ( #4321 )
...
* Add wait for floating ip associate with instance
* Terraform formatting fix
* Sort Open Telekom Cloud in compatible list
2019-05-09 02:16:50 -07:00
Aleksey Kasatkin
14749df6f3
Fix "netchecker-server" ClusterRole ( #4730 )
...
* Add sha256 hashes for calicoctl v3.6.1
Hashes are added to calicoctl_binary_checksums for both adm and arm platforms.
* Add rules for "network-checker.ext" resource to "netchecker-server" ClusterRole
So that it could access the resource after it is created.
Corresponding issues:
https://github.com/Mirantis/k8s-netchecker-server/issues/125
https://github.com/kubernetes-sigs/kubespray/issues/3281
2019-05-09 01:30:49 -07:00
Sandro Modarelli
2db2898112
Fixed runc path in runtime for RedHat os family ( #4731 )
2019-05-09 01:28:48 -07:00
Maxime Guyot
3776000fc4
Run TF tests from repo root ( #4723 )
2019-05-08 23:40:49 -07:00
Maxime Guyot
f0572e59e7
Always do OVH CI ( #4722 )
2019-05-08 23:38:53 -07:00
Andreas Krüger
6217184c7f
Merge pull request #4720 from MarkusTeufelberger/patch-1
...
Update default CentOS version on Azure
2019-05-09 08:38:44 +02:00
Andreas Krüger
044dcbaed0
Add Kubelet config, remove deprecated flags and fix minor bugs ( #4724 )
...
* Add kubelet config
* Change kubelet_authorization_mode_webhook to true
* Fix lint
* Sync env file
* Refactor the kubernetes node folder
* Remove deprecated flag and fix lint
2019-05-08 13:38:36 -07:00
Andreas Krüger
8a5eae94ea
Minor cleanups of CoreDNS issues and CI job ( #4719 )
...
* Minor cleanups
* Add comment in docs that nodelocaldns cache is enabled by default
2019-05-07 13:20:36 -07:00
Andreas Krüger
bf3c6aeed1
Add kube anon auth settings to kubeadm config templates ( #4713 )
...
* Disable kube_api_anonymous_auth by default to secure the setup
* Disable metrics-server in addons. Health endpoint is slow and unstable
* Fix anonymous-auth missing in configuration
* Cleanup a bit
* Fix kube anon auth
2019-05-07 12:52:34 -07:00
MarkusTeufelberger
f3fbf995ca
Update default CentOS version on Azure
2019-05-07 13:37:42 +02:00
Dmitri Rubinstein
03bded2b6b
Fix adding output of kubeadm to the admin.conf downloaded to the artifacts directory ( #4696 )
...
Fixes issue https://github.com/kubernetes-sigs/kubespray/issues/4695
2019-05-06 03:29:36 -07:00
Manuel Cintron
d5c0829d61
Removing unnecessary httplib2 install ( #4708 )
2019-05-03 17:55:38 -07:00
Alex Barcelo
00369303de
Fixing msg
parameter for debug
module ( #4702 )
...
According to [`debug` module documentation](https://docs.ansible.com/ansible/latest/modules/debug_module.html?highlight=msg ), the correct parameter name is `msg`.
With the previous `message` parameter name I was getting FAILED messages while ansible was trying to debug previous FAILED tasks.
2019-05-03 12:21:42 -07:00
okamototk
1f1479c0a7
Update ingress nginx 0.24.1. ( #4691 )
2019-05-03 12:19:39 -07:00
MarkusTeufelberger
e67f848abc
ansible-lint: add spaces around variables [E206] ( #4699 )
2019-05-02 14:24:21 -07:00
MarkusTeufelberger
560f50d3cd
Add support for http(s)_proxy to CoreOS, Fedora and OpenSUSE ( #4669 )
...
* Add support for http(s)_proxy to CoreOS and Fedora
* fix opensuse proxy support
* Fix CoreOS proxy support
* update documentation
2019-05-02 12:28:22 -07:00